[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Gnus + Cyrus IMAPD + SSL stopped working
From: |
Peter 'Luna' Runestig |
Subject: |
Gnus + Cyrus IMAPD + SSL stopped working |
Date: |
24 Sep 2003 22:18:07 +0200 |
Symptoms:
Reading imap mail from a Cyrus 2.1.12 imap server over SSL, using Gnus,
on Windows XP, with OpenSSL 0.9.7b, has stopped working for me. Emacs
stops forever with this message:
imap: Opening SSL connection with `openssl s_client -quiet -ssl3 -connect
%s:%p'...
AFAICS, it has something to do with this change to gnus/imap.el:
--- imap.el.old 2003-02-21 22:49:24.000000000 +0100
+++ imap.el 2003-09-24 15:46:58.000000000 +0200
@@ -188,10 +187,10 @@
:group 'imap
:type '(repeat string))
-(defcustom imap-ssl-program '("openssl s_client -ssl3 -connect %s:%p"
- "openssl s_client -ssl2 -connect %s:%p"
- "s_client -ssl3 -connect %s:%p"
- "s_client -ssl2 -connect %s:%p")
+(defcustom imap-ssl-program '("openssl s_client -quiet -ssl3 -connect %s:%p"
+ "openssl s_client -quiet -ssl2 -connect %s:%p"
+ "s_client -quiet -ssl3 -connect %s:%p"
+ "s_client -quiet -ssl2 -connect %s:%p")
"A string, or list of strings, containing commands for SSL connections.
Within a string, %s is replaced with the server address and %p with
port number on server. The program should accept IMAP commands on
I.e. the `-quiet' switch is added to the openssl tool command line.
Removing that `-quiet' switch fixes the problem. Aparently, something
in the openssl output parsing code doesn't agree with the "quiet"
output. Here is some openssl output samples, with and without the
`-quiet' switch:
D:\>openssl s_client -quiet -ssl3 -connect imap.runestig.com:993
Loading 'screen' into random state - done
depth=1 /C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services
Division/CN=LunaBIT Server CA/address@hidden
verify error:num=19:self signed certificate in certificate chain
verify return:0
* OK arthur.runestig.com Cyrus IMAP4 v2.1.12 server ready
. logout
* BYE LOGOUT received
. OK Completed
read:errno=0
D:\>openssl s_client -ssl3 -connect imap.runestig.com:993
Loading 'screen' into random state - done
CONNECTED(00000790)
depth=1 /C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services
Division/CN=LunaBIT Server CA/address@hidden
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
0 s:/C=SE/L=Bollnaes/O=LunaBIT/CN=imap.runestig.com
i:/C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services Division/CN=LunaBIT
Server CA/address@hidden
1 s:/C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services Division/CN=LunaBIT
Server CA/address@hidden
i:/C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services Division/CN=LunaBIT
Server CA/address@hidden
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDlzCCAwCgAwIBAgIBFDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCU0Ux
ETAPBgNVBAcTCEJvbGxuYWVzMRAwDgYDVQQKEwdMdW5hQklUMSgwJgYDVQQLEx9D
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMRowGAYDVQQDExFMdW5hQklU
IFNlcnZlciBDQTEoMCYGCSqGSIb3DQEJARYZc2VydmVyLWNlcnRzQHJ1bmVzdGln
LmNvbTAeFw0wMTA1MjExMjMxMTlaFw0wMjA1MjExMjMxMTlaME4xCzAJBgNVBAYT
AlNFMREwDwYDVQQHEwhCb2xsbmFlczEQMA4GA1UEChMHTHVuYUJJVDEaMBgGA1UE
AxMRaW1hcC5ydW5lc3RpZy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
AMs5OPi0PM+UYDaa7Xk33QvMzqtAs8hPBA+xAuLkI+12TDvMv2fRdgDYzLd0XJfM
IUc1TJOIjeV+lJUT0hIifa9txOhN3gkJJHbCoUqWdN2c1sA/sAPUjMQKhdne0ezj
nu7s19Y6oonqZIr5IbOWff7rYgc2IIvjwxOMUKTvNUdNAgMBAAGjggEuMIIBKjAd
BgNVHQ4EFgQUujhQPn5mK4yxOLPTGPdY2sSxrTIwgc8GA1UdIwSBxzCBxIAUybO9
TgXs8o4ZRkMWvKkTN469DEOhgaikgaUwgaIxCzAJBgNVBAYTAlNFMREwDwYDVQQH
EwhCb2xsbmFlczEQMA4GA1UEChMHTHVuYUJJVDEoMCYGA1UECxMfQ2VydGlmaWNh
dGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEaMBgGA1UEAxMRTHVuYUJJVCBTZXJ2ZXIg
Q0ExKDAmBgkqhkiG9w0BCQEWGXNlcnZlci1jZXJ0c0BydW5lc3RpZy5jb22CAQAw
NwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL3d3dy5ydW5lc3RpZy5jb20vTHVuYUJJ
VC1DQS5jcmwwDQYJKoZIhvcNAQEFBQADgYEAE4zUDUWKsuukHLNvM5dDkelsJRyE
wngKjyTWGwYkCvifQmxjGMtrmb4jilj1joTBuRfej8oWFagn91vuf94D7j8G6Uw8
mtAyej5coTw9q2wLW4X99k1CfymUaejx7wzDsmfzh/bG/5DNz2KECoi4F5KU7rw6
YEReQoL7ZKdYDB8=
-----END CERTIFICATE-----
subject=/C=SE/L=Bollnaes/O=LunaBIT/CN=imap.runestig.com
issuer=/C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services Division/CN=LunaBIT
Server CA/address@hidden
---
No client certificate CA names sent
---
SSL handshake has read 2068 bytes and written 314 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
SSL-Session:
Protocol : SSLv3
Cipher : AES256-SHA
Session-ID: E22098F758D904BCDA54A7E6710033329985E17DDF62B82C66A0C90ED70CA287
Session-ID-ctx:
Master-Key:
B6F34D85919679CD35454F750C8E01F85112C9598A20B0D51066096BD6C4DC37D3B68E09019747D9ACCC7E3E408B5A53
Key-Arg : None
Start Time: 1064433110
Timeout : 7200 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
---
* OK arthur.runestig.com Cyrus IMAP4 v2.1.12 server ready
. logout
* BYE LOGOUT received
. OK Completed
read:errno=0
In GNU Emacs 21.3.50.1 (i386-msvc-nt5.1.2600)
of 2003-09-24 on BOLL-R2
configured using `configure --with-msvc (12.00)'
Important settings:
value of $LC_ALL: nil
value of $LC_COLLATE: nil
value of $LC_CTYPE: nil
value of $LC_MESSAGES: nil
value of $LC_MONETARY: nil
value of $LC_NUMERIC: nil
value of $LC_TIME: nil
value of $LANG: sve
locale-coding-system: iso-latin-1
default-enable-multibyte-characters: t
Recent input:
<return> y <help-echo> <down-mouse-2> <mouse-2> <return>
q q y <help-echo> <help-echo> <help-echo> <help-echo>
<help-echo> <help-echo> <help-echo> <help-echo> <help-echo>
<help-echo> <help-echo> <help-echo> <help-echo> <menu-bar>
<help-menu> <report-emacs-bug>
Recent messages:
Saving d:/luna/.newsrc.eld...
Saving file d:/luna/.newsrc.eld...
Wrote d:/luna/.newsrc.eld
Saving d:/luna/.newsrc.eld...done
Garbage: done
Garbage: depth=1 /C=SE/L=Bollnaes/O=LunaBIT/OU=Certification Services
Division/CN=LunaBIT Server CA/address@hidden
Garbage: verify error:num=19:self signed certificate in certificate chain
Garbage: verify return:0
Garbage: read:errno=0
Loading emacsbug...done
--
Peter 'Luna' Runestig (fd. Altberg), Sweden <address@hidden>
PGP Key ID: 0xD07BBE13
Fingerprint: 7B5C 1F48 2997 C061 DE4B 42EA CB99 A35C D07B BE13
AOL Instant Messenger Screen name: PRunestig
Yahoo! Messenger profile name: altberg
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Gnus + Cyrus IMAPD + SSL stopped working,
Peter 'Luna' Runestig <=